Chetna
Chetna

Reputation: 864

Service in application is getting killed in background

I have an application which requires user to log in for the first time and after that it should maintain this status.The application receives some data from back-end during the login process. This data is used during the lifetime of the application.
But Android kills my application during low memory conditions. So I searched and found service as its solution.So I wrote the code for login in the service.Therefore, whenever the service restarts(after the application is killed in background), the user will be automatically logged in. And for this I want the user credentials. But I don't want the login credentials to be stored in shared preference or DB.
Any kind of help will be great.

Upvotes: 1

Views: 167

Answers (3)

Jayeshkumar Sojitra
Jayeshkumar Sojitra

Reputation: 2511

Solution is there if you do not want to save login credentials in shared preference then you can implement other option like store login status in your shared preferences rather than login credentials.

And you will be able to maintain status of user's login state.

Upvotes: 1

bogdan
bogdan

Reputation: 782

If you want to send the credentials to the service without using the shared preferences or db you can send them when you start the service. When you create the Intent that is used to start the service you can use the method putExtra(name, value) if you want to send the credentials to the Service. (Edit) When the service gets destroyed you will have to save the credentials somewhere. If you don't want to keep them in shared preferences permanently, you can save them for example before the service gets destroyed, in onDestroy() and remove them from the preferences after you retrieve them in onCreate()

Upvotes: 1

RvdK
RvdK

Reputation: 19800

You could change the Server so that it's returning a authentication token, which you store in the SharedPreferences. Then use that token for all other calls.

Other solution is to store the (salted) hash of the password and upload this.

Both solutions are not fool proof, if someone is able to get your salted hash or the token (depending what you use), he/she can login. But at very least, do the login via HTTPS so someone cannot sniff your token/credentials from the network.

On Android there is an AccountManager, maybe it can give you an idea of how to implement. http://developer.android.com/reference/android/accounts/AccountManager.html

Also see this post: Android: Storing username and password?

Upvotes: 1

Related Questions